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DETAILED ACTION 
Drawings 

The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) 
because they include the following reference character(s) not mentioned in the 
description: figure 4, reference character 450, and figure 8, reference character 450. 
Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to the 
specification to add the reference characters) in the description in compliance with 37 
CFR 1 .121(b) are required in reply to the Office action to avoid abandonment of the 
application. Any amended replacement drawing sheet should include all of the figures 
appearing on the immediate prior version of the sheet, even if only one figure is being 
amended. The replacement sheet(s) should be labeled "Replacement Sheet" in the 
page header (as per 37 CFR 1 .84(c)) so as not to obstruct any portion of the drawing 
figures. If the changes are not accepted by the examiner, the applicant will be notified 
and informed of any required corrective action in the next Office action. The objection to 
the drawings will not be held in abeyance. 

The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) 
because they do not include the following reference sign(s) mentioned in the 
description: reference character 470 (page 9, line 12). Corrected drawing sheets in 
compliance with 37 CFR 1 .121(d) are required in reply to the Office action to avoid 
abandonment of the application. Any amended replacement drawing sheet should 
include all of the figures appearing on the immediate prior version of the sheet, even if 
only one figure is being amended. The replacement sheet(s) should be labeled 
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"Replacement Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct 
any portion of the drawing figures. If the changes are not accepted by the examiner, the 
applicant will be notified and informed of any required corrective action in the next Office 
action. The objection to the drawings will not be held in abeyance. 

Specification 

The disclosure is objected to because of the following informalities: the term 
"IMAP" (page 4, line 30), while well known in the art, this term has not been defined. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 101 
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, 
manufacture, or composition of matter, or any new and useful improvement 
thereof, may obtain a patent therefor, subject to the conditions and requirements 
of this title. 

Claims 1-19 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 1 states "a propagated signal for 
leveraging a persistent connection", a propagated signal is considered non-statutory 
subject matter. Dependent claims 2-19 are rejected based on their dependency from 
claim 1. 

Claims 40-54 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 40 states "persistent connection means 
for establishing a persistent connection", and "broker means for brokering". These 
limitations are considered non-statutory subject matter because they consist on 
software code for establishing the persistent connection (page 1 , lines 18-25) and 
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brokering a connection (page 2, lines 20-30). Dependent claims 41-54 are rejected 
based on their dependency from claim 40. 

To expedite a complete examination of the application, the claims rejected under 
35 U.S.C. 101 (non-statutory) above are further rejected as set forth below in 
anticipation of applicant amending these claims to place them within the four statutory 
categories of invention. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under 
section 122(b), by another filed in the United States before the invention by the 
applicant for patent or (2) a patent granted on an application for patent by 
another filed in the United States before the invention by the applicant for patent, 
except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application 
filed in the United States only if the international application designated the 
United States and was published under Article 21 (2) of such treaty in the English 
language. 

Claims 1 , 6-9, 20, 25-28, 40, 45-48 are rejected under 35 U.S.C. 1 02(e) as being 
anticipated by French et al. 

Regarding claim 1, French et al. teach a computer program stored on a computer 
readable medium or a propagated signal for leveraging a persistent connection to 
provide a client access to a secured service, the computer program comprising: an input 
code segment that causes a computer to receive input from a client (column 3, lines 15- 
20); a persistent connection code segment that causes the computer to establish a 
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persistent connection with the client in response to a first request received through the 
input code segment from the client (column 3, lines 65-67, column 4, lines 1-14); and a 
broker code segment that causes the computer to broker a connection between the 
client and a secured service based on a second request received through the input 
code segment from the client by leveraging the persistent connection with the client 
(column 5, lines 10-42). 

Regarding claim 6, French et al. teach the computer program of claim 1 wherein 
the persistent connection code segment comprises: a receiving code segment that 
causes the computer to receive keystone authentication information from the client; a 
keystone authentication code segment that causes the computer to authenticate the 
client based on the keystone authentication information and to provide a keystone 
authentication associated with the persistent connection; and a connection code 
segment that causes the computer to establish the persistent connection with the client 
based on the keystone authentication (column 5, lines 25-53). 

Regarding claim 7, French et al. teach the computer program of claim 6 wherein 
the broker code segment includes a leveraging code segment that causes the computer 
to receive the second request from the client for connection to the secured service after 
the persistent connection to the client is established (column 6, lines 16-27). 

Regarding claim 8, French et al. teach the computer program of claim 7 wherein 
the leveraging code segment further comprises: a leveraged authentication code 
segment that causes the computer to provide a leveraged authentication based on the 
keystone authentication associated with the persistent connection; and a leveraged 
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connection code segment that causes the computer to use the leveraged authentication 
to establish the connection with the secured service (column 5, lines 43-53, column 6, 
lines 1-27). 

Regarding claim 9, French et al. teach the computer program of claim 8 wherein 
the leveraged authentication code segment comprises a transparent authentication > 
code segment that causes the computer to provide the leveraged authentication based 
on the keystone authentication without provision by the client of authentication 
information duplicative or additional to the keystone authentication information used to 
establish the persistent connection (column 6, lines 23-25). 

Regarding claim 20, French et al. teach a method of leveraging a persistent 
connection to provide a client access to a secured service (column 3, lines 5-25), the 
method comprising: receiving a first request from a client (column 3, lines 25-48); 
establishing a persistent connection with the client in response to the first request from 
the client (column 3, lines 65-67, column 4, lines 1-14); receiving a second request from 
the client (column 5, lines 1-25); and brokering a connection between the client and a 
secured service based on the second request from the client by leveraging the 
persistent connection with the client (column 5, lines 1-25). 

Regarding claim 25, French et al. teach the method of claim 20 wherein 
establishing the persistent connection comprises: receiving keystone authentication 
information from the client; authenticating the client based on the keystone 
authentication information to provide a keystone authentication associated with the 
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persistent connection; and establishing the persistent connection with the client based 
on the keystone authentication (column 5, lines 25-53). 

Regarding claim 26, French et al. teach the method of claim 25 wherein 
leveraging the persistent connection includes receiving the second request from the 
client for connection to the secured service after the persistent connection to the client 
is established (column 6, lines 16-27). 

Regarding claim 27, French et al. teach the method of claim 26 wherein 
.leveraging the persistent connection with the client includes: providing a leveraged 
authentication based on the keystone authentication associated with the persistent 
connection; and using the leveraged authentication to establish the connection with the 
secured service (column 5, lines 43-53, column 6, lines 1-27). 

Regarding claim 28, French et al. teach the method of claim 27 wherein the 
keystone authentication is used to provide the leveraged authentication without 
provision by the client of authentication information duplicative or additional to the 
keystone authentication information used to establish the persistent connection (column 
6, lines 23-25). 

Regarding claim 40, French et al. teach a system for leveraging a persistent 
connection to provide a client access to a secured service (column 3, lines 5-25), the 
system comprising: input means for receiving input from a client (column 3, lines 25-48); 
persistent connection means for establishing a persistent connection with a client' in 
response to a first request received through the input means from the client (column 3, 
lines 65-67, column 4, lines 1-14); broker means for brokering a connection between the 
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client and a secured service based on a second request received through the input 
means from the client by leveraging the persistent connection with the client (column 5, 
lines 1-25). 

Regarding claim 45, French et al. teach the system of claim 40 wherein the 
persistent connection means comprises: receiving means for receiving keystone 
authentication information from the client; keystone authentication means for 
authenticating the client based on the keystone authentication information to provide a 
keystone authentication associated with the persistent connection; and connection 
means for establishing the persistent connection with the client based on the keystone 
authentication (column 5, lines 25-53). 

Regarding claim 46, French et al. teach the system of claim 45 wherein the 
broker means includes leveraging means for receiving the second request from the 
client for connection to the secured service after the persistent connection to the client 
is established (column 6, lines 16-27). 

Regarding claim 47, French et al. teach the system of claim 46 wherein the 
leveraging means further comprises: leveraged authentication means for providing a 
leveraged authentication based on the keystone authentication associated with the 
persistent connection; and leveraged connection means for causing the leveraged 
authentication to be used to establish the connection with the secured service (column 
5, lines 43-53, column 6, lines 1-27). 

Regarding claim 48, French et at. teach the system of claim 47 wherein the 
leveraged authentication means comprises transparent authentication means for 
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causing the leveraged authentication to be provided based on the keystone 

authentication without provision by the client of authentication information duplicative or 

additional to the keystone authentication information used to establish the persistent 

connection (column 6, lines 23t25). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

Claims 2-5, 10-15, and 19 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over French et al. as applied to claim 1 above, and further in view of Kung. 

Claims 21-24, 29-34, and 39 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over French et al. as applied to claim 20 above, and further in view of 
Kung. 

Claims 41-44 and 49-54 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over French et al. as applied to claim 40 above, and further in view of 
Kung. 

Regarding claims 19 and 39, the examiner interprets that the constraint implies 
that the information has to be presented by the client for whom the connection was 
brokered, since it is essential for the client to have presented the authorization 
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constraints prior to brokering the connection since authorization information is required, 
otherwise, the brokered connection would not have been permitted. French et al. teach 
brokering a connection between the client and a secured service (column 5, lines 10- 
42). Furthermore, Kung teaches the authorization information comprises constraint 
information (column 5, lines 19-37). 

Regarding claim 2, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein: the persistent connection is established based on keystone authentication 
information provided by the client; and the broker code segment comprises a 
transparent authentication code segment that causes the computer to leverage the 
keystone authentication to authenticate the client without provision by the client of 
authentication information duplicative or additional to the keystone authentication 
information used to establish the persistent connection. 

Kung teaches the computer program of claim 1 wherein: the persistent 
connection is established based on keystone authentication information provided by the 
client; and the broker code segment comprises a transparent authentication code 
segment that causes the computer to leverage the keystone authentication to 
authenticate the client without provision by the client of authentication information 
duplicative or additional to the keystone authentication information used to establish the 
persistent connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 
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At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 2. 

Regarding claim 3, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein: the persistent connection is established based on keystone authentication 
information provided by the client; and the broker code segment comprises a 
transparent authentication code segment that causes the computer to leverage the 
keystone authentication to authenticate the client without provision by the client of 
authentication information duplicative of the keystone authentication information used to 
establish the persistent connection. 

Kung teaches the computer program of claim 1 wherein: the persistent 
connection is established based on keystone authentication information provided by the 
client; and the broker code segment comprises a transparent authentication code 
segment that causes the computer to leverage the keystone authentication to 
authenticate the client without provision by the client of authentication information 
duplicative of the keystone authentication information used to establish the persistent 
connection (column 2, lines 47-68). 
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French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative 
authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 3. 

Regarding claim 4, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein: the persistent connection is established based on keystone authentication 
information provided by the client; and the broker code segment comprises a 
transparent authentication code segment that causes the computer to leverage the 
keystone authentication to authenticate the client without provision by the client of 
authentication information additional to the keystone authentication information used to 
establish the persistent connection. 

Kung teaches the computer program of claim 1 wherein: the persistent 
connection is established based on keystone authentication information provided by the 
client; and the broker code segment comprises a transparent authentication code 
segment that causes the computer to leverage the keystone authentication to 
authenticate the client without provision by the client of authentication information 
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additional to the keystone authentication information used to establish the persistent 
connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative 
authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 4. 

Regarding claim 5, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein the broker code segment causes the computer to broker the connection 
between the client and the secured service before the client attempts to connect to the 
secured service directly. 

Kung teaches the computer program of claim 1 wherein the broker code segment 
causes the computer to broker the connection between the client and the secured 
service before the client attempts to connect to the secured service directly (column 3, 
lines 12-24). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 
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At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a persistent connection between the client and the secured 
service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering persistent connections to secured services to obtain the invention as specified 
in claim 5. 

Regarding claim 10, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein: the persistent connection code segment includes a first partition code 
segment that causes the computer to establish the persistent connection between the 
client and a persistent connection service in response to the first request from the client; 
and the broker code segment includes a second partition code segment that causes the 
computer to use a broker service to broker the connection between the client and the 
secured service based on the second request from the client. 

Kung teaches the computer program of claim 1 wherein: the persistent 
connection code segment includes a first partition code segment that causes the 
computer to establish the persistent connection between the client and a persistent 
connection service in response to the first request from the client; and the broker code 
segment includes a second partition code segment that causes the computer to use a 
broker service to broker the connection between the client and the secured service 



s 
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based on the second request from the client (column 3, lines 64-68, column 4, lines 1- 
29). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to establish a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of access 
to a secured service to obtain the invention as specified in claim 10. 

Regarding claim 1 1 , French et al. and Kung teach the limitations as set forth 
under claim 10 above. Furthermore, Kung teaches the computer program of claim 10 
wherein the second partition code segment comprises a reception code segment that 
causes the computer to receive from the persistent connection service at a connection 
request address a communication based on the second request from the client (column 
5, lines 1-37). 

Regarding claim 12, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein the broker code segment comprises: a liaison code segment that causes the 
computer program to communicate as an intermediary with the client and the secured 
service based on the second request from the client so that the client may obtain 
authorization information that may be used to establish the connection to the secured 
service; a determining code segment that causes the computer to determine the 
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authorization information based on the second request from the client; a communication 
code segment that causes the computer to communicate to the secured service an 
indication that the client desires to connect to the secured service, wherein the 
indication comprises the authorization information; a receiving code segment that 
causes the computer to receive a response from the secured service indicating that the 
client may be allowed to establish the connection to the secured service by presenting 
the authorization information to the secured service; and an authorization code segment 
that causes the computer to communicate the authorization information to enable the 
client to present the authorization information to the secured service to establish the 
connection with the secured service. 

Kung teaches the computer program of claim 1 wherein the broker code segment 
comprises: a liaison code segment that causes the computer program to communicate 
as an intermediary with the client and the secured service based on the second request 
from the client so that the client may obtain authorization information that may be used 
to establish the connection to the secured service (column 4, lines 60-65); a determining 
code segment that causes the computer to determine the authorization information 
based on the second request from the client(column 4, lines 65-68, column 5, lines 1-5); 
a communication code segment that causes the computer to communicate to the 
secured service an indication that the client desires to connect to the secured service, 
wherein the indication comprises the authorization information (column 5, lines 1-10); a 
receiving code segment that causes the computer to receive a response from the 
secured service indicating that the client may be allowed to establish the connection to 
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the secured service by presenting the authorization information to the secured service; 
and an authorization code segment that causes the computer to communicate the 
authorization information to enable the client to present the authorization information to 
the secured service to establish the connection with the secured service (column 5, 
lines 1-37). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering a connection between a client and a secured service to obtain the invention 
as specified in claim 12. 

Regarding claim 13, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein the broker code segment further comprises: a liaison code segment that 
causes the computer program to communicate as an intermediary with the client and 
the secured service based on the second request from the client so that the client may 
obtain authorization information that may be used to establish the connection to the 
secured service; a communication code segment that causes the computer to 
* communicate to the secured service an indication that the client desires to connect to 
the secured service; a receiving code segment that causes the computer to receive a 
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response from the secured service indicating that the secured service may accept a 
connection from the client, wherein the response includes the authorization information; 
an authorization code segment that causes the computer to communicate the 
authorization information to enable the client to present the authorization information to 
the secured service to establish the connection with the secured service. 

Kung teaches the computer program of claim 1 wherein the broker code segment 
further comprises: a liaison code segment that causes the computer program to 
communicate as an intermediary with the client and the secured service based on the 
second request from the client so- that the client may obtain authorization information 
that may be used to establish the connection to the secured service (column 4, lines 60- 
65); a communication code segment that causes the computer to communicate to the 
secured service an indication that the client desires to connect to the secured service 
(column 5, lines 1-10); a receiving code segment that causes the computer to receive a 
response from the secured service indicating that the secured service may accept a 
connection from the client, wherein the response includes the authorization information; 
an authorization code segment that causes the computer to communicate the 
authorization information to enable the client to present the authorization information to 
the secured service to establish the connection with the secured service(column 5, lines 
1-37). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 
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At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering a connection between a client and a secured service to obtain the invention 
as specified in claim 1 3. 

Regarding claim 14, French et al. and Kung teach the limitations as set forth 
under claim 13 above. Furthermore, Kung teaches the computer program of claim 13 
wherein the response received by the computer from the secured service includes 
authorization information determined by the secured service (column 5, lines 19-37). 

Regarding claim 15, French et al. teach the limitations as set forth under claim 1 
above. However, French et al. do not disclose expressly the computer program of claim 
1 wherein: the broker code segment includes a liaison code segment that causes the 
computer program to communicate as an intermediary with the client and the secured 
service based on the second request from the client so that the client may obtain 
authorization information that may be used to establish the connection to the secured 
service; the authorization information comprises constraint information; and the 
authorization information may be ineffective to establish a connection with the secured 
service if the connection constraints are not satisfied by the constraint information. 

Kung teaches the computer program of claim 1 wherein: the broker code 
segment includes a liaison code segment that causes the computer program to 
communicate as an intermediary with the client and the secured service based on the 
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second request from the client so that the client may obtain authorization information 
that may be used to establish the connection to the secured service (column 4, lines 60- 
68); the authorization information comprises constraint information (column 5, lines 19- 
37); and the authorization information may be ineffective to establish a connection with 
the secured service if the connection constraints are not satisfied by the constraint 
information. 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use an intermediary between the client and the secured service to 
broker the connection. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
accessing a secured service from a client to obtain the invention as specified in claim 
15. 

Regarding claim 21 , French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 
wherein: establishing the persistent connection with the client includes authenticating 
the client based on keystone authentication information provided by the client; and 
brokering the connection between the client and the secured service includes 
leveraging the keystone authentication information to authenticate the client without 
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provision by the client of authentication information duplicative or additional to the 
keystone information used to establish the persistent connection. 

Kung teaches the method of claim 20 wherein: establishing the persistent 
connection with the client includes authenticating the client based on keystone 
authentication information provided by the client; and brokering the connection between 
the client and the secured service includes leveraging the keystone authentication 
information to authenticate the client without provision by the client of authentication 
information duplicative or additional to the keystone information used to establish the 
persistent connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
21. 

Regarding claim 22, French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 
wherein: establishing the persistent connection with the client includes authenticating 
the client based on keystone authentication information provided by the client; and 
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brokering the connection between the client and the secured service includes 
leveraging the keystone authentication information to authenticate the client without 
provision by the client of authentication information duplicative of the keystone 
information used to establish the persistent connection. 

Kung teaches the method of claim 20 wherein: establishing the persistent 
connection with the client includes authenticating the client based on keystone 
authentication information provided by the client; and brokering the connection between 
the client and the secured service includes leveraging the keystone authentication 
information to authenticate the client without provision by the client of authentication 
information duplicative of the keystone information used to establish the persistent 
connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
22. 

Regarding claim 23, French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 
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wherein: establishing the persistent connection with the client includes authenticating 
the client based on keystone authentication information provided by the client; and 
brokering the connection between the client and the secured service includes 
leveraging the keystone authentication information to authenticate the client without 
provision by the client of authentication information additional to the keystone 
information used to establish the persistent connection. 

Kung teaches the method of claim 20 wherein: establishing the persistent 
connection with the client includes authenticating the client based on keystone 
authentication information provided by the client; and brokering the connection between 
the client and the secured service includes leveraging the keystone authentication 
information to authenticate the client without provision by the client of authentication 
information additional to the keystone information used to establish the persistent 
connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
23. 
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Regarding claim 24, French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 wherein 
the connection between the client and the secured service is brokered before the client 
attempts to connect to the secured service directly. 

Kung teaches the method of claim 20 wherein the connection between the client 
and the secured service is brokered before the client attempts to connect to the secured 
service directly (column 3, lines 12-24). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a persistent connection between the client and the secured 
service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
24. 

Regarding claim 29, French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 
wherein; the persistent connection is established between the client and a persistent 
connection service; and the connection between the client and the secured service is 
brokered by a broker service. 
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Kung teaches the method of claim 20 wherein; the persistent connection is 
established between the client and a persistent connection service; and the connection 
between the client and the secured service is brokered by a broker service (column 3, 
lines 64-68, column 4, lines 1 -29). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to establish a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of access 
to a secured service to obtain the invention as specified in claim 29. 

Regarding claim 30, French et al. and Kung teach the limitations as set forth 
under claim 29 above. Furthermore, Kung teaches the method of claim 29 wherein 
brokering the connection between the client and the secured service includes receiving 
from the persistent connection service at a connection request address a 
communication based on the second request from the client and wherein the connection 
request address varies systematically with time (column 5, lines 1-37). 

Regarding claim 31 , French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 wherein 
brokering comprises: receiving the second request from the client to connect to the 
secured service; determining authorization information based on the second request 
from the client; communicating to the secured service an indication that the client 
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desires to connect to the secured service, wherein the indication comprises the 
authorization information; receiving a response from the secured service indicating that 
the client may be allowed to establish the connection to the secured service by 
presenting the authorization information to the secured service; and communicating the 
authorization information to enable the client to present the authorization information to 
the secured service to establish the connection with the secured service. 

Kung teaches the method of claim 20 wherein brokering comprises: receiving the 
second request from the client to connect to the secured service (column 4, lines 60- 
65); determining authorization information based on the second request from the client 
(column 4, lines 65-68, column 5, lines 1-5); communicating to the secured service an 
indication that the client desires to connect to the secured service, wherein the 
indication comprises the authorization information (column 5, lines 1-10); receiving a 
response from the secured service indicating that the client may be allowed to establish 
the connection to the secured service by presenting the authorization information to the 
secured service ; and communicating the authorization information to enable the client 
to present the authorization information to the secured service to establish the 
connection with the secured service (column 5, lines 1-37). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a connection between a client and a secured service. 
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Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering a connection between a client and a secured service to obtain the invention 
as specified in claim 31. 

Regarding claim 32, French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 wherein 
brokering comprises: receiving the second request from the client to connect to the 
secured service; communicating to the secured service an indication that the client 
desires to connect to the secured service; receiving a response from the secured 
service indicating that the secured service may accept a connection from the client, 
wherein the response includes authorization information; and communicating the 
authorization information to enable the client to present the authorization information to 
the secured service to establish the connection with the secured service. 

Kung teaches the method of claim 20 wherein brokering comprises: receiving the 
second request from the client to connect to the secured service (column 4, lines 60- 
65); communicating to the secured service an indication that the client desires to 
connect to the secured service (column 5, lines 1-10); receiving a response from the 
secured service indicating that the secured service may accept a connection from the 
client, wherein the response includes authorization information; and communicating the 
authorization information to enable the client to present the authorization information to 
the secured service to establish the connection with the secured service (column 5, 
lines 1-37). 
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French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering a connection between a client and a secured service to obtain the invention 
as specified in claim 32. 

Regarding claim 33, French et al. and Kung teach the limitations as set forth 
under claim 32 above. Furthermore, Kung teaches the method of claim 32 wherein the 
authorization information is determined by the secured service (column 5, lines 19-37). 

Regarding claim 34, French et al. teach the limitations as set forth under claim 20 
above. However, French et al. do not disclose expressly the method of claim 20 
wherein: brokering comprises communicating as an intermediary with the client and the 
secured service based on the second request from the client so that the client may 
obtain authorization information that may be used to establish the connection to the 
secured service; the authorization information comprises constraint information; and the 
authorization information may be ineffective to establish a connection with the secured 
service if the connection constraints are not satisfied by the constraint information. 

Kung teaches the method of claim 20 wherein: brokering comprises 
communicating as an intermediary with the client and the secured service based on the 
second request from the client so that the client may obtain authorization information 
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that may be used to establish the connection to the secured service (column 4, lines 60- 
68); the authorization information comprises constraint information (column 5, lines 19- 
37); and the authorization information may be ineffective to establish a connection with 
the secured service if the connection constraints are not satisfied by the constraint 
information. 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use an intermediary between the client and the secured service to 
broker the connection. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
accessing a secured service from a client to obtain the invention as specified in claim 
34. 

Regarding claim 41 , French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 
wherein: the persistent connection is established based on keystone authentication 
information provided by the client; and the broker means comprises transparent 
authentication means for leveraging the keystone authentication to authenticate the 
client without provision by the client of authentication information duplicative or 
additional to the keystone authentication information used to establish the persistent 
connection 
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Kung teaches the system of claim 40 wherein: the persistent connection is 
established based on keystone authentication information provided by the client; and 
the broker means comprises transparent authentication means for leveraging the 
keystone authentication to authenticate the client without provision by the client of 
authentication information duplicative or additional to the keystone authentication 
information used to establish the persistent connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of ' 
authenticating access to secured services to obtain the invention as specified in claim 
41. 

Regarding claim 42, French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 
wherein: the persistent connection is established based on keystone authentication 
information provided by the client; and the broker means comprises transparent 
authentication means for leveraging the keystone authentication to authenticate the 
client without provision by the client of authentication information duplicative of the 
keystone authentication information used to establish the persistent connection 
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Kung teaches the system of claim 40 wherein: the persistent connection is 
established based on keystone authentication information provided by the client; and 
the broker means comprises transparent authentication means for leveraging the 
keystone authentication to authenticate the client without provision by the client of 
authentication information duplicative of the keystone authentication information used to 
establish the persistent connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
42. 

Regarding claim 43, French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 
wherein: the persistent connection is established based on keystone authentication 
information provided by the client; and the broker means comprises transparent 
authentication means for leveraging the keystone authentication to authenticate the 
client without provision by the client of authentication information additional to the 
keystone authentication information used to establish the persistent connection 
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Kung teaches the system of claim 40 wherein: the persistent connection is 
established based on keystone authentication information provided by the client; and 
the broker means comprises transparent authentication means for leveraging the 
keystone authentication to authenticate the client without provision by the client of 
authentication information additional to the keystone authentication information used to 
establish the persistent connection (column 2, lines 47-68). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to authenticate the client without having the client provide duplicative or 
additional authentication information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
43. 

Regarding claim 44, French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 wherein 
the broker means brokers the connection between the client and the secured service 
before the client attempts to connect to the secured service directly. 

Kung teaches the system of claim 40 wherein the broker means brokers the 
connection between the client and the secured service before the client attempts to 
connect to the secured service directly (column 3, lines 12-24). 
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French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a persistent connection between the client and the secured 
service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
authenticating access to secured services to obtain the invention as specified in claim 
44. 

Regarding claim 49, French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 
wherein: the persistent connection means includes first partition means for establishing 
the persistent connection between the client and a persistent connection service in 
response to the first request from the. client; and the broker means includes second 
partition means for causing a broker service to be used to broker the connection 
between the client and the secured service based on the second request from the client. 

Kung teaches the system of claim 40 wherein: the persistent connection means 
includes first partition means for establishing the persistent connection between the 
client and a persistent connection service in response to the first request from the client; 
and the broker means includes second partition means for causing a broker service to 
be used to broker the connection between the client and the secured service based on 
the second request from the client (column 3, lines 64-68, column 4, lines 1-29). 
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French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to establish a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of access 
to a secured service to obtain the invention as specified in claim 49. 

Regarding claim 50, French et al. and Kung teach the limitations as set forth 
under claim 49 above. Furthermore, Kung teaches the system of claim 49 wherein the 
second partition means comprises reception means for receiving from the persistent 
connection service at a connection request address a communication based on the 
second request from the client (column 5, lines 1-37). 

Regarding claim 51 , French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 wherein 
the broker means further comprises: liaison means for communicating as an 
intermediary with the client and the secured service based on the second request from 
the client so that the client may obtain authorization information that may be used to 
establish the connection to the secured service; determining means for determining the 
authorization information based on the second request from the client; communication 
means for communicating to the secured service an indication that the client desires to 
connect to the secured service, wherein the indication comprises the authorization 
information;, receiving means for receiving a response from the secured service 
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indicating that the client may be allowed to establish the connection to the secured 
service by presenting the authorization information to the secured service; and 
authorization means for communicating the authorization information to the client to 
enable the client to present the authorization information to the secured service to 
establish the connection with the secured service. 

Kung teaches the system of claim 40 wherein the broker means further 
comprises: liaison means for communicating as an intermediary with the client and the 
secured service based on the second request from the client so that the client may 
obtain authorization information that may be used to establish the connection to the 
secured service (column 4, lines 60-65); determining means for determining the 
authorization information based on the second request from the client (column 4, lines 
65-68, column 5, lines 1-5); communication means for communicating to the secured 
service an indication that the client desires to connect to the secured service, wherein 
the indication comprises the authorization information (column 5, lines 1-10); receiving 
means for receiving a response from the secured service indicating that the client may 
be allowed to establish the connection to the secured service by presenting the 
authorization information to the secured service; and authorization means for 
communicating the authorization information to the client to enable the client to present 
the authorization information to the secured service to establish the connection with the 
secured service (column 5, lines 1-37). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 
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At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering a connection between a client and a secured service to obtain the invention 
as specified in claim 51 . 

Regarding claim 52, French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 wherein 
the broker means further comprises: liaison means for communicating as an 
intermediary with the client and the secured service based on the second request from 
the client so that the client may obtain authorization information that may be used to 
establish the connection to the secured service; communication means for 
communicating to the secured service an indication that the client desires to connect to 
the secured service; receiving means for receiving a response from the secured service 
indicating that the secured service may accept a connection from the client, wherein the 
response includes the authorization information; authorization means for communicating 
the authorization information to the client to enable the client to present the 
authorization information to the secured service to establish the connection with the 
secured service. 

Kung teaches the system of claim 40 wherein the broker means further 
comprises: liaison means for communicating as an intermediary with the client and the 
secured service based on the second request from the client so that the client may 
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obtain authorization information that may be used to establish the connection to the 
secured service (column 4, lines 60-65); communication means for communicating to 
the secured service an indication that the client desires to connect to the secured 
service (column 5, lines 1-10); receiving means for receiving a response from the 
secured service indicating that the secured service may accept a connection from the 
client, wherein the response includes the authorization information; authorization means 
for communicating the authorization information to the client to enable the client to 
present the authorization information to the secured service to establish the connection 
with the secured service (column 5, lines 1-37). 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to broker a connection between a client and a secured service. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
brokering a connection between a client and a secured service to obtain the invention 
as specified in claim 52. 

Regarding claim 53, French et al. and Kung teach the limitations as set forth 
under claim 52 above. Furthermore, Kung teaches the system of claim 52 wherein the 
response received by the receiving means includes authorization information 
determined by the secured service (column 5, lines 19-37). 



Application/Control Number: 09/894,919 Page 38 

Art Unit: 2136 

Regarding claim 54, French et al. teach the limitations as set forth under claim 40 
above. However, French et al. do not disclose expressly the system of claim 40 
wherein: the broker means includes liaison means for communicating as an 
intermediary with the client and the secured service based on the second request from 
the client so that the client may obtain authorization information that may be used to 
establish the connection to the secured service; the authorization information comprises 
constraint information; and the authorization information may be ineffective to establish 
a connection with the secured service if the connection constraints are not satisfied by 
the constraint information. 

Kung teaches the system of claim 40 wherein: the broker means includes liaison 
means for communicating as an intermediary with the client and the secured service 
based on the second request from the client so that the client may obtain authorization 
information that may be used to establish the connection to the secured service 
(column 4, lines 60-68); the authorization information comprises constraint information 
(column 5, lines 19-37); and the authorization information may be ineffective to establish 
a connection with the secured service if the connection constraints are not satisfied by 
the constraint information. 

French et al. and Kung are analogous art because they are directed to a similar 
problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use an intermediary between the client and the secured service to 
broker the connection. 



Application/Control Number: 09/894,919 Page 39 

Art Unit: 2136 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Kung with the method of French et al. for the benefit of 
accessing a secured service from a client to obtain the invention as specified in claim 
54. 

Claims 16 and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over French et al. and Kung as applied to claim 15 above, and further in view of Cohen 
et al. 

Claims 35, 36, and 38 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over French et al. and Kung as applied to claim 34 above, and further in 
view of Cohen et al. 

Regarding claim 16, French et al. and Kung teach the limitations as set forth 
under claim 15 above. However, French et al. and Kung do not disclose expressly the 
computer program of claim 1 5 wherein the connection constraints include a constraint 
that limits a number of uses for the authorization information to a predetermined 
threshold number. 

Cohen et al. teach the computer program of claim 15 wherein the connection 
constraints include a constraint that limits a number of uses for the authorization 
information to a predetermined threshold number (column 6, lines 4-5). 

French et al., Kung, and Cohen et al. are analogous art because they are 
directed to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to have a predetermined number of uses for the authorization information. 
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Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Cohen et al. with the method of French et al. and Kung for the 
benefit of secure access to computer systems to obtain the invention as specified in 
claim 16. 

Regarding claim 18, French et al. and Kung teach the limitations as set forth 
under claim 15 above. However, French et al. and Kung do not disclose expressly the 
computer program of claim 15 wherein the connection constraints include a constraint 
that the authorization information be used within a predetermined time window. 

Cohen et al. teach the computer program of claim 15 wherein the connection 
constraints include a constraint that the authorization information be used within a 
predetermined time window (column 13, lines 35-40). 

French et al., Kung, and Cohen et al. are analogous art because they are 
directed to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to have a predetermined time window for using the authorization 
information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Cohen et al. with the method of French et al. and Kung for the 
benefit of secure access to computer systems to obtain the invention as specified in 
claim 18. 

Regarding claim 35, French et al. and Kung teach the limitations as set forth 
under claim 34 above. However, French et al. and Kung do not disclose expressly the 
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method of claim 34 wherein the connection constraints include a constraint that limits a 
number of uses for the authorization information to a predetermined threshold number. 

Cohen et al. teach the method of claim 34 wherein the connection constraints 
include a constraint that limits a number of uses for the authorization information to a 
predetermined threshold number (column 6, lines 4-5). 

French et al., Kung, and Cohen et al. are analogous art because they are 
directed to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to have a predetermined number of uses for the authorization information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Cohen et al. with the method of French et al. and Kung for the 
benefit of secure access to computer systems to obtain the invention as specified in 
claim 35. 

Regarding claim 36, French et al. and Kung teach the limitations as set forth 
under claim 34 above. However, French et al. and Kung do not disclose expressly the 
method of claim 34 wherein the connection constraints include a constraint that the 
number of times that the authorization information has been used not exceed a 
predetermined number of times. 

Cohen et al. teach the method of claim 34 wherein the connection constraints 
include a constraint that the number of times that the authorization information has been 
used not exceed a predetermined number of times (column 6, lines 4-5). 



Application/Control Number: 09/894,919 Page 42 

Art Unit: 2136 

French et al., Kung, and Cohen et al. are analogous art because they are 
directed to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to have a predetermined number of times for use of the authorization 
information. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Cohen et al. with the method of French et al. and Kung for the 
benefit of secure access to computer systems to obtain the invention as specified in 
claim 36. 

Regarding claim 38, French et al. and Kung teach the limitations as set forth 
under claim 34 above. However, French et al. and Kung do not disclose expressly the 
method of claim 34 wherein the connection constraints include a constraint that the 
authorization information be used within a predetermined time window 

Cohen et al. the method of claim 34 wherein the connection constraints include a 
constraint that the authorization information be used within a predetermined time 
window (column 13, lines 35-40). 

French et al., Kung, and Cohen et al. are analogous art because they are 
directed to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to have a predetermined time window for using the authorization 
information. 
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Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of Cohen et al. with the method of French et al. and Kung for the 
benefit of secure access to computer systems to obtain the invention as specified in 
claim 38. 

Claim 17 is rejected under 35 U.SC 103(a) as being unpatentable over French 
et al., Kung, and Cohen et al. as applied to claim 16 above, and further in view of West 
et al. (Patent Number US 6,538,996). 

Regarding claim 17, French et al., Kung, and Cohen et al. teach the limitations as 
set forth under claim 16 above. However, French et al., Kung, and Cohen et al. do not 
disclose expressly the computer program of claim 16 wherein the connection 
constraints include a one-time-use password. 

West et al. teach the computer program of claim 16 wherein the connection 
constraints include a one-time-use password (column 30, lines 8-23). 

French et al., Kung, Cohen et al., and West et al. are analogous art because they 
are directed to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use a one-time-use password. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of West et al. with the method of French et al., Kung, and Cohen 
et al. for the benefit of secure access to computer systems to obtain the invention as 
specified in claim 17. 
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Claim 37 is rejected under 35 U.S.C. 103(a) as being unpatentable over French 
et al., and Kung as applied to claim 34 above, and further in view of West et al. (Patent 
Number US 6,538,996). 

Regarding claim 37, French et al. and Kung teach the limitations as set forth 
under claim 34 above. However, French et al. and Kung do not disclose expressly the 
method of claim 34 wherein the connection constraints include a one-time-use 
password. 

West et al. teach the method of claim 34 wherein the connection constraints 
include a one-time-use password (column 30, lines 8-23). 

French et al., Kung, and West et al. are analogous art because they are directed 
to a similar problem solving area - secure access to computer systems. 

At the time of the invention it would have been obvious to a person of ordinary 
skill in the art to use a one-time-use password. 

Therefore, it would have been obvious to a person of ordinary skill in the art to 
combine the teachings of West et al. with the method of French et al. and Kung for the 
benefit of secure access to computer systems to obtain the invention as specified in 
claim 37. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David G. Cervetti whose telephone number is (571 ) 272- 
5861 . The examiner can normally be reached on Monday-Friday 8:30 am - 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on (571) 272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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